Guidance After CEH

Karl ChKarl Ch Registered Users Posts: 4 ■□□□□□□□□□
Hello all,
I recently got my CEH which was easy. I have additionally got my ECSA certification too.

My background:
1. Masters in Telecommunications Management.
- No programming background
2. Working as a 3rd Party Risk Assessor at a firm since 1 and half year.
- Did freelancing (Vulnerability tests for 1 year)
3. Got my CCNA R&S, CEH and ECSA.

Goal: Aim to become "Good" Pen tester and auditor in the future.

So to fulfill my goal, I wanted to know if OSCP is the best course to go for esp with my background. A discord group for OSCP will also be helpful since people cannot PM me due to low post counts.

Please guide me.


  • UnixGuyUnixGuy Mod Posts: 4,564 Mod
    Yes OSCP is the best, but it's very hard specially if you don't have background in pentesting. A more gentle approach would eLearnSecurity eJPT, then eLearnSecurity eCPPT(not easy but a massive step up), then OSCP.

    your abilities in pentesting correlates (heh) to the number (and quality) of hours you spend labbing. So lab lab lab!!!

    Learn GRC! GRC Mastery : 

  • [Deleted User][Deleted User] Senior Member Posts: 0 ■■□□□□□□□□
    Have you considered doing the GIAC GPEN? Sign up for the course from SANS for SEC 560. It's expensive but it will provide you with a lot of information that will make OSCP a lot easier!
  • 636-555-3226636-555-3226 Member Posts: 975 ■■■■■□□□□□
    I'd do GPEN before OSCP if your work will pay for it. Otherwise most people here seem to like the elearnsecurity pentesting courses as a lead-in to oscp. one more non-cert-related suggestion - download lots of those tools you learned about in CEH and get really good with them. having the cert is one thing, being really good with the stuff it covers is an entirely different beast
Sign In or Register to comment.